[Snort-users] Whad'ya do?

Aaron McKinnon aaron at ...1376...
Tue May 8 19:33:51 EDT 2001

ARIS is very cool! I just set it up and made it send a report right before
rotating the logs... I dig it.

Aaron McKinnon
System Administrator
Fullerene Productions, Inc.
3250 Wilshire Blvd. Suite 2000
Los Angeles, CA 90010

-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Ryan
Sent: Tuesday, May 08, 2001 2:58 PM
To: Dave.Hampel at ...1919...
Cc: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Whad'ya do?

On Tue, 8 May 2001 Dave.Hampel at ...1919... wrote:

> I was wondering..... I monitor my firewall logs and I get messages from
> Snort saying someone is scanning my network using FTP or SunRPC source
> (etc.) Great. Works as advertised. BUT what do you DO about it.
> Has anyone taken measures to actually stop or report these a*holes that
> wasting bandwidth?

You might check out ARIS http://aris.securityfocus.com .  We give you a
way to manage reporting incidents to ISPs, among a number of other
features. It's also a way to be one more count against a particular
attacker even if you don't want to report things yourself.  It's free.


Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

More information about the Snort-users mailing list